| 2025-03-31 | Johannes Ullrich | Apache Camel Exploit Attempt by Vulnerability Scan (CVE-2025-27636, CVE-2025-29891) |
| 2024-03-29 | Xavier Mertens | Quick Forensics Analysis of Apache logs |
| 2023-12-20 | Guy Bruneau | How to Protect your Webserver from Directory Enumeration Attack ? Apache2 [Guest Diary] |
| 2023-05-30 | Johannes Ullrich | Your Business Data and Machine Learning at Risk: Attacks Against Apache NiFi |
| 2023-05-03 | Xavier Mertens | Increased Number of Configuration File Scans |
| 2022-09-01 | Johannes Ullrich | Jolokia Scans: Possible Hunt for Vulnerable Apache Geode Servers (CVE-2022-37021) |
| 2021-10-16 | Guy Bruneau | Apache is Actively Scan for CVE-2021-41773 & CVE-2021-42013 |
| 2021-10-06 | Johannes Ullrich | Apache 2.4.49 Directory Traversal Vulnerability (CVE-2021-41773) |
| 2021-08-24 | Johannes Ullrich | Attackers Hunting For Twilio Credentials |
| 2018-06-06 | Xavier Mertens | Converting PCAP Web Traffic to Apache Log |
| 2016-07-05 | Johannes Ullrich | Apache Update: TLS Certificate Authentication Bypass with HTTP/2 (CVE-2016-4979) |
| 2015-10-12 | Guy Bruneau | Critical Vulnerability in Multiple Cisco Products - Apache Struts 2 Command Execution http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2 |
| 2014-07-28 | Johannes Ullrich | Interesting HTTP User Agent "chroot-apach0day" |
| 2014-03-17 | Jim Clausing | New Apache web server release |
| 2014-03-13 | Daniel Wesemann | Web server logs containing RS=^ ? |
| 2013-11-27 | Rob VandenBrink | Apache 2.4.7 is released 11/25. Download: http://httpd.apache.org/download.cgi#apache24 and Readme: http://apache.mirror.iweb.ca//httpd/CHANGES_2.4.7 |
| 2013-04-30 | Russ McRee | Apache binary backdoor adds malicious redirect to Blackhole |
| 2012-02-22 | Johannes Ullrich | Apache 2.4 Features |
| 2011-10-06 | Rob VandenBrink | Apache HTTP Server mod_proxy reverse proxy issue |
| 2011-08-30 | Johannes Ullrich | Apache patch out for "byte range" DoS vulnerability http://www.apache.org/dist/httpd/Announcement2.2.html |
| 2011-08-25 | Kevin Shortt | Revival of an Unpatched Apache HTTPD DoS |
| 2010-04-13 | Johannes Ullrich | Apache.org Bugtracker Breach |
| 2010-03-07 | Mari Nichols | Apache releases version 2.2.15 with 5 security fixes including OpenSSL issue. |
| 2010-01-25 | William Salusky | "Bots and Spiders and Crawlers, be gone!" - or - "New Open Source WebAppSec tools, Huzzah!" |
| 2009-10-14 | Johannes Ullrich | Odd Apache/MSIE issue with downloads from ISC |
| 2009-08-28 | Adrien de Beaupre | apache.org compromised |
| 2009-06-23 | Bojan Zdrnja | Slowloris and Iranian DDoS attacks |
| 2009-06-21 | Bojan Zdrnja | Apache HTTP DoS tool mitigation |
| 2009-06-18 | Bojan Zdrnja | Apache HTTP DoS tool released |
| 2009-04-07 | Johannes Ullrich | Common Apache Misconception |
| 2009-01-12 | William Salusky | Web Application Firewalls (WAF) - Have you deployed WAF technology? |
| 2008-10-09 | Bojan Zdrnja | Watch that .htaccess file on your web site |
